package com.alan.pop.core.controller;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.ExpiredCredentialsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import com.alan.pop.core.pojo.User;
import com.alan.pop.core.service.IUserService;

@Controller
@RequestMapping("/user")
public class UserController {
	@Resource
	private IUserService userService;
	
	@RequestMapping(value = "/login")  
	public String login(HttpServletRequest request, Model model) {  
		 return "/user/login";  
	}
	
	@RequestMapping(value = "/doLogin")  
	public String doLogin(HttpServletRequest request, Model model) {  
	    String msg = "";  
	    String userName = request.getParameter("userName");  
	    String password = request.getParameter("password");  
	    System.out.println(userName);  
	    System.out.println(password);  
	    UsernamePasswordToken token = new UsernamePasswordToken(userName, password);  
	    token.setRememberMe(true);  
	    Subject subject = SecurityUtils.getSubject();  
	    try {  
	        subject.login(token);  
	        if (subject.isAuthenticated()) {  
	            return "redirect:/";  
	        } else {  
	            return "login";  
	        }  
	    } catch (IncorrectCredentialsException e) {  
	        msg = "鐧诲綍瀵嗙爜閿欒. Password for account " + token.getPrincipal() + " was incorrect.";  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (ExcessiveAttemptsException e) {  
	        msg = "鐧诲綍澶辫触娆℃暟杩囧";  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (LockedAccountException e) {  
	        msg = "甯愬彿宸茶閿佸畾. The account for username " + token.getPrincipal() + " was locked.";  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (DisabledAccountException e) {  
	        msg = "甯愬彿宸茶绂佺敤. The account for username " + token.getPrincipal() + " was disabled.";  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (ExpiredCredentialsException e) {  
	        msg = "甯愬彿宸茶繃鏈�. the account for username " + token.getPrincipal() + "  was expired.";  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (UnknownAccountException e) {  
	        msg = "甯愬彿涓嶅瓨鍦�. There is no user with username of " + token.getPrincipal();  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    } catch (UnauthorizedException e) {  
	        msg = "鎮ㄦ病鏈夊緱鍒扮浉搴旂殑鎺堟潈锛�" + e.getMessage();  
	        model.addAttribute("message", msg);  
	        System.out.println(msg);  
	    }  
	    return "/user/login";  
	}

	@RequestMapping("/showUser")
	public String toIndex(HttpServletRequest request, Model model) {
		User user = this.userService.getUserById(request.getParameter("id"));
		model.addAttribute("user", user);
		return "/core/showUser";
	}
}
